- Nov 24, 2016
-
-
Alex Rousskov authored
* HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer a...
-
Patrick Monnerat authored
This is done for all functions of the form Curl_read[136][624]_[lb]e.
-
Patrick Monnerat authored
See CRL-01-006.
-
- Nov 22, 2016
-
-
Jay Satiro authored
- Fix connection reuse for when the proposed new conn 'needle' has a specified local port but does not have a specified device interface. Bug: https://curl.haxx.se/mail/lib-2016-11/0137.html Reported-by: bjt3[at]hotmail.com
-
- Nov 21, 2016
-
-
Daniel Stenberg authored
-
Jay Satiro authored
-
- Nov 19, 2016
-
-
Marcel Raad authored
Fix warnings about conversions from long to time_t in openssl.c and schannel.c. Follow-up to de4de4e3
-
- Nov 18, 2016
-
-
Marcel Raad authored
Visual C++ now complains about implicitly casting time_t (64-bit) to long (32-bit). Fix this by changing some variables from long to time_t, or explicitly casting to long where the public interface would be affected. Closes #1131
-
- Nov 17, 2016
-
-
Isaac Boukris authored
When reusing a connection, make sure the unix domain socket option matches.
-
Jay Satiro authored
Follow-up to a4d88885. Changing the window size in that commit resulted in a different HTTP2-Settings upgrade header, causing test 1800 to fail.
-
- Nov 16, 2016
-
-
Jay Satiro authored
- Improve performance by using a huge HTTP/2 window size. Bug: https://github.com/curl/curl/issues/1102 Reported-by: <afrind@users.noreply.github.com> Assisted-by: Tatsuhiro Tsujikawa
-
Daniel Stenberg authored
-
Daniel Stenberg authored
and warn on unrecognized lines
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
... and warn for too long --help lines
-
Daniel Stenberg authored
-
Jay Satiro authored
- In Curl_http2_switched don't call memcpy when src is NULL. Curl_http2_switched can be called like: Curl_http2_switched(conn, NULL, 0); .. and prior to this change memcpy was then called like: memcpy(dest, NULL, 0) .. causing address sanitizer to warn: http2.c:2057:3: runtime error: null pointer passed as argument 2, which is declared to never be null
-
Jay Satiro authored
-
Jay Satiro authored
-
- Nov 15, 2016
-
-
Alex Chan authored
-
Kamil Dudka authored
-
Daniel Stenberg authored
-
David Schweikert authored
Reviewed-by: Nick Zitzmann Closes #1105
-
Daniel Stenberg authored
Fixes test 1139 failures Follow-up to f82bbe01
-
Daniel Stenberg authored
Brought in ee4f7660 Added test case 1280 to verify Reported-by: Dave Reisner Bug: https://github.com/curl/curl/commit/ee4f76606cfa4ee068bf28edd37c8dae7e8db317#commitcomment-19823146
-
- Nov 14, 2016
-
-
Daniel Stenberg authored
Exit with an error on the first transfer error instead of continuing to do the rest of the URLs. Discussion: https://curl.haxx.se/mail/archive-2016-11/0038.html
-
Daniel Stenberg authored
Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
-
- Nov 13, 2016
-
-
Daniel Stenberg authored
See MANPAGE.md for the description of how this works. Each command line option is now described in a separate .d file.
-
Daniel Stenberg authored
Blah, I accidentally wrote size_t instead of time_t for two variables. Reported-by: Dave Reisner
-
- Nov 12, 2016
-
-
Daniel Stenberg authored
... as long is still 32bit on modern 64bit windows machines, while time_t is generally 64bit.
-
Dan Fandrich authored
This stops the compiler from potentially making invalid assumptions about the immutability of sdp and sap across the longjmp boundary.
-
- Nov 11, 2016
-
-
Daniel Stenberg authored
-
file://[host]/Daniel Stenberg authored
Previously, the [host] part was just ignored which made libcurl accept strange URLs misleading users. like "file://etc/passwd" which might've looked like it refers to "/etc/passwd" but is just "/passwd" since the "etc" is an ignored host name. Reported-by: Mike Crowe Assisted-by: Kamil Dudka
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
1.1.0+ does more of this by itself so we can avoid extra processing this way.
-
Daniel Stenberg authored
and remove RAND_screen from configure since nothing is using that function
-
Daniel Stenberg authored
-
Daniel Stenberg authored
Discussed: https://curl.haxx.se/mail/lib-2016-11/0087.html
-